<!DOCTYPE html>




<html class="theme-next gemini" lang="zh-Hans">
<head><meta name="generator" content="Hexo 3.9.0">
  <meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="theme-color" content="#222">









<meta http-equiv="Cache-Control" content="no-transform">
<meta http-equiv="Cache-Control" content="no-siteapp">
















  
  
    
  
  <link href="https://cdn.staticfile.org/fancybox/3.5.7/jquery.fancybox.min.css" rel="stylesheet" type="text/css">




  
  
  
  

  
    
    
  

  
    
      
    

    
  

  

  
    
      
    

    
  

  
    
      
    

    
  

  
    
    
    <link href="//fonts.googleapis.com/css?family=Monda:300,300italic,400,400italic,700,700italic|Roboto Slab:300,300italic,400,400italic,700,700italic|Lobster Two:300,300italic,400,400italic,700,700italic|Source Code Pro:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext" rel="stylesheet" type="text/css">
  






  

<link href="https://cdn.staticfile.org/font-awesome/4.6.2/css/font-awesome.css" rel="stylesheet" type="text/css">

<link href="/css/main.css?v=6.0.0" rel="stylesheet" type="text/css">


  <link rel="apple-touch-icon" sizes="180x180" href="http://tva3.sinaimg.cn/crop.206.47.515.515.180/709d5819jw8f4k1tlmnsij20pr0gytdx.jpg?v=6.0.0">


  <link rel="icon" type="image/png" sizes="32x32" href="http://tva3.sinaimg.cn/crop.206.47.515.515.180/709d5819jw8f4k1tlmnsij20pr0gytdx.jpg?v=6.0.0">


  <link rel="icon" type="image/png" sizes="16x16" href="http://tva3.sinaimg.cn/crop.206.47.515.515.180/709d5819jw8f4k1tlmnsij20pr0gytdx.jpg?v=6.0.0">


  <link rel="mask-icon" href="http://tva3.sinaimg.cn/crop.206.47.515.515.180/709d5819jw8f4k1tlmnsij20pr0gytdx.jpg?v=6.0.0" color="#222">





  <meta name="keywords" content="vps, java, python, golang, springmvc">




  


  <link rel="alternate" href="/atom.xml" title="张恒的网络日志" type="application/atom+xml">






<meta name="keywords" content="java, python, go, 技术, 学习笔记, spring">
<meta property="og:type" content="website">
<meta property="og:title" content="张恒的网络日志">
<meta property="og:url" content="http://blog.gavinzh.com/404.html">
<meta property="og:site_name" content="张恒的网络日志">
<meta property="og:locale" content="zh-Hans">
<meta property="og:updated_time" content="2020-01-05T08:52:36.912Z">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="张恒的网络日志">



<script type="text/javascript" id="hexo.configurations">
  var NexT = window.NexT || {};
  var CONFIG = {
    root: '/',
    scheme: 'Gemini',
    version: '6.0.0',
    sidebar: {"position":"left","display":"post","offset":12,"b2t":true,"scrollpercent":true,"onmobile":false},
    fancybox: true,
    fastclick: true,
    lazyload: true,
    tabs: true,
    motion: {"enable":false,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
    duoshuo: {
      userId: '0',
      author: '博主'
    },
    algolia: {
      applicationID: '',
      apiKey: '',
      indexName: '',
      hits: {"per_page":10},
      labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
    }
  };
</script>



  <link rel="canonical" href="http://blog.gavinzh.com/404.html">





  <title>使用DenyHosts保护服务器安全 | 张恒的网络日志</title>
  




<script>
  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
            (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
          m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
  ga('create', 'UA-98061925-1', 'auto');
  ga('send', 'pageview');
</script>





</head>

<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">

  
  
    
  

  <div class="container sidebar-position-left page-post-detail">
    <div class="headband"></div>

    <header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="header-inner"> <div class="site-brand-wrapper">
  <div class="site-meta ">
    

    <div class="custom-logo-site-title">
      <a href="/" class="brand" rel="start">
        <span class="logo-line-before"><i></i></span>
        <span class="site-title">张恒的网络日志</span>
        <span class="logo-line-after"><i></i></span>
      </a>
    </div>
      
        <h1 class="site-subtitle" itemprop="description">Zhang Heng's WebSite Blog</h1>
      
  </div>

  <div class="site-nav-toggle">
    <button>
      <span class="btn-bar"></span>
      <span class="btn-bar"></span>
      <span class="btn-bar"></span>
    </button>
  </div>
</div>

<nav class="site-nav">
  

  
    <ul id="menu" class="menu">
      
        
        <li class="menu-item menu-item-home">
          <a href="/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-home"></i> <br>
            
            首页
          </a>
        </li>
      
        
        <li class="menu-item menu-item-about">
          <a href="/about/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-user"></i> <br>
            
            关于
          </a>
        </li>
      
        
        <li class="menu-item menu-item-tags">
          <a href="/tags/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-tags"></i> <br>
            
            标签
          </a>
        </li>
      
        
        <li class="menu-item menu-item-categories">
          <a href="/categories/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-th"></i> <br>
            
            分类
          </a>
        </li>
      
        
        <li class="menu-item menu-item-archives">
          <a href="/archives/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-archive"></i> <br>
            
            归档
          </a>
        </li>
      

      
        <li class="menu-item menu-item-search">
          
            <a href="javascript:;" class="popup-trigger">
          
            
              <i class="menu-item-icon fa fa-search fa-fw"></i> <br>
            
            搜索
          </a>
        </li>
      
    </ul>
  

  
    <div class="site-search">
      
  <div class="popup search-popup local-search-popup">
  <div class="local-search-header clearfix">
    <span class="search-icon">
      <i class="fa fa-search"></i>
    </span>
    <span class="popup-btn-close">
      <i class="fa fa-times-circle"></i>
    </span>
    <div class="local-search-input-wrapper">
      <input autocomplete="off" placeholder="搜索..." spellcheck="false" type="text" id="local-search-input">
    </div>
  </div>
  <div id="local-search-result"></div>
</div>



    </div>
  
</nav>



 </div>
    </header>

    <main id="main" class="main">
      <div class="main-inner">
        <div class="content-wrap">
          <div id="content" class="content">
            

  <div id="posts" class="posts-expand">
    

  

  
  
  

  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
  
  
  
  <div class="post-block">
    <link itemprop="mainEntityOfPage" href="http://blog.gavinzh.com/2018/01/28/how-to-use-denyhosts-for-linux-secure/">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="name" content="Gavin Zhang">
      <meta itemprop="description" content>
      <meta itemprop="image" content="https://avatars3.githubusercontent.com/u/5567916">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="张恒的网络日志">
    </span>

    
      <header class="post-header">

        
        
          <h2 class="post-title" itemprop="name headline">使用DenyHosts保护服务器安全</h2>
        

        <div class="post-meta">
          <span class="post-time">
            
              <span class="post-meta-item-icon">
                <i class="fa fa-calendar-o"></i>
              </span>
              
                <span class="post-meta-item-text">发表于</span>
              
              <time title="创建于" itemprop="dateCreated datePublished" datetime="2018-01-28T14:26:00+00:00">2018-01-28</time>
            

            

            
          </span>

          
            <span class="post-category">
            
              <span class="post-meta-divider">|</span>
            
              <span class="post-meta-item-icon">
                <i class="fa fa-folder-o"></i>
              </span>
              
                <span class="post-meta-item-text">分类于</span>
              
              
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
                  <a href="/categories/笔记/" itemprop="url" rel="index">
                    <span itemprop="name">笔记</span>
                  </a>
                </span>

                
                
              
            </span>
          

          
            
              <span class="post-comments-count">
                <span class="post-meta-divider">|</span>
                <span class="post-meta-item-icon">
                  <i class="fa fa-comment-o"></i>
                </span>
                <a href="/2018/01/28/how-to-use-denyhosts-for-linux-secure/#comments" itemprop="discussionUrl">
                  <span class="post-comments-count disqus-comment-count" data-disqus-identifier="2018/01/28/how-to-use-denyhosts-for-linux-secure/" itemprop="commentCount"></span>
                </a>
              </span>
            
          

          
          
             <span id="/2018/01/28/how-to-use-denyhosts-for-linux-secure/" class="leancloud_visitors" data-flag-title="使用DenyHosts保护服务器安全">
               <span class="post-meta-divider">|</span>
               <span class="post-meta-item-icon">
                 <i class="fa fa-eye"></i>
               </span>
               
                 <span class="post-meta-item-text">阅读次数&#58;</span>
               
                 <span class="leancloud-visitors-count"></span>
             </span>
          

          

          

          

        </div>
      </header>
    

    
    
    
    <div class="post-body" itemprop="articleBody">

      
      

      
        <p>在几个月前，笔者介绍了一种保护服务器安全的方法 <a href="/2017/10/22/ssh_deny_protect_your_server/">自动禁止攻击IP登陆SSH，保护服务器安全</a>。这种方法需要自己去动手写相应的脚本，今天要介绍的是开源的脚本实现。</p>
<a id="more"></a>
<h1 id="DenyHosts介绍"><a href="#DenyHosts介绍" class="headerlink" title="DenyHosts介绍"></a>DenyHosts介绍</h1><p>DenyHosts是一个脚本，旨在由Linux系统管理员运行，以帮助阻止SSH服务器攻击（也称为基于字典的攻击和蛮力攻击）。</p>
<p>如果你曾经看过你的SSH日志（Redhat上的/var/log/ secure，Mandrake上的/var/log/auth.log等等），你可能会惊讶地发现有多少黑客试图访问你的服务器。希望他们都没有成功（但是再一次，你怎么知道？）。自动防止攻击者继续进入你的系统不是更好吗？DenyHosts试图解决以上问题。</p>
<p>以上介绍来自<a href="http://denyhosts.sourceforge.net/index.html" target="_blank" rel="noopener">官网</a>。</p>
<h1 id="安装"><a href="#安装" class="headerlink" title="安装"></a>安装</h1><p>以下配置项都是基于centos7，读者如果是别的版本，准备工作可能略有不同。</p>
<p>如果你不需要了解你安装的都是什么，章节的最后有快速安装命令。</p>
<h2 id="安装EPEL源"><a href="#安装EPEL源" class="headerlink" title="安装EPEL源"></a>安装EPEL源</h2><p>有些服务器安装的centos是简版，没有额外的软件包，那么需要先配置EPEL源。</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">yum update -y</span><br><span class="line">yum install epel-release -y</span><br></pre></td></tr></table></figure>

<h2 id="安装rsyslog"><a href="#安装rsyslog" class="headerlink" title="安装rsyslog"></a>安装rsyslog</h2><p>你需要确认你的centos服务器上有<code>/var/log/secure</code>这个文件，如果没有或者文件内容没有变化，说明没有安装系统日志服务。</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">yum install rsyslog -y</span><br></pre></td></tr></table></figure>

<h2 id="安装DenyHosts"><a href="#安装DenyHosts" class="headerlink" title="安装DenyHosts"></a>安装DenyHosts</h2><p>前面准备工作做好了，安装就很简单。</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">yum install denyhosts -y</span><br></pre></td></tr></table></figure>

<h2 id="后续操作"><a href="#后续操作" class="headerlink" title="后续操作"></a>后续操作</h2><p>需要重启系统日志服务和denyhosts。</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">systemctl restart rsyslog</span><br><span class="line">systemctl restart denyhosts</span><br></pre></td></tr></table></figure>

<h1 id="相关配置"><a href="#相关配置" class="headerlink" title="相关配置"></a>相关配置</h1><p>编辑<code>/etc/denyhosts.conf</code>文件。</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br><span class="line">71</span><br><span class="line">72</span><br><span class="line">73</span><br><span class="line">74</span><br><span class="line">75</span><br><span class="line">76</span><br><span class="line">77</span><br><span class="line">78</span><br><span class="line">79</span><br><span class="line">80</span><br><span class="line">81</span><br><span class="line">82</span><br><span class="line">83</span><br><span class="line">84</span><br><span class="line">85</span><br><span class="line">86</span><br><span class="line">87</span><br><span class="line">88</span><br><span class="line">89</span><br><span class="line">90</span><br><span class="line">91</span><br><span class="line">92</span><br><span class="line">93</span><br><span class="line">94</span><br><span class="line">95</span><br><span class="line">96</span><br><span class="line">97</span><br><span class="line">98</span><br><span class="line">99</span><br><span class="line">100</span><br><span class="line">101</span><br><span class="line">102</span><br><span class="line">103</span><br><span class="line">104</span><br><span class="line">105</span><br><span class="line">106</span><br><span class="line">107</span><br><span class="line">108</span><br><span class="line">109</span><br><span class="line">110</span><br><span class="line">111</span><br><span class="line">112</span><br><span class="line">113</span><br><span class="line">114</span><br><span class="line">115</span><br><span class="line">116</span><br><span class="line">117</span><br><span class="line">118</span><br><span class="line">119</span><br><span class="line">120</span><br><span class="line">121</span><br><span class="line">122</span><br><span class="line">123</span><br><span class="line">124</span><br><span class="line">125</span><br><span class="line">126</span><br><span class="line">127</span><br><span class="line">128</span><br><span class="line">129</span><br><span class="line">130</span><br><span class="line">131</span><br><span class="line">132</span><br><span class="line">133</span><br><span class="line">134</span><br><span class="line">135</span><br><span class="line">136</span><br><span class="line">137</span><br><span class="line">138</span><br><span class="line">139</span><br><span class="line">140</span><br><span class="line">141</span><br><span class="line">142</span><br><span class="line">143</span><br><span class="line">144</span><br><span class="line">145</span><br><span class="line">146</span><br><span class="line">147</span><br><span class="line">148</span><br><span class="line">149</span><br><span class="line">150</span><br><span class="line">151</span><br><span class="line">152</span><br><span class="line">153</span><br><span class="line">154</span><br><span class="line">155</span><br><span class="line">156</span><br><span class="line">157</span><br><span class="line">158</span><br><span class="line">159</span><br><span class="line">160</span><br><span class="line">161</span><br><span class="line">162</span><br><span class="line">163</span><br><span class="line">164</span><br><span class="line">165</span><br><span class="line">166</span><br><span class="line">167</span><br><span class="line">168</span><br><span class="line">169</span><br><span class="line">170</span><br><span class="line">171</span><br><span class="line">172</span><br><span class="line">173</span><br><span class="line">174</span><br><span class="line">175</span><br><span class="line">176</span><br><span class="line">177</span><br><span class="line">178</span><br><span class="line">179</span><br><span class="line">180</span><br><span class="line">181</span><br><span class="line">182</span><br><span class="line">183</span><br><span class="line">184</span><br><span class="line">185</span><br><span class="line">186</span><br><span class="line">187</span><br><span class="line">188</span><br><span class="line">189</span><br><span class="line">190</span><br><span class="line">191</span><br><span class="line">192</span><br><span class="line">193</span><br><span class="line">194</span><br><span class="line">195</span><br><span class="line">196</span><br><span class="line">197</span><br><span class="line">198</span><br><span class="line">199</span><br><span class="line">200</span><br><span class="line">201</span><br><span class="line">202</span><br><span class="line">203</span><br><span class="line">204</span><br><span class="line">205</span><br><span class="line">206</span><br><span class="line">207</span><br><span class="line">208</span><br><span class="line">209</span><br><span class="line">210</span><br><span class="line">211</span><br><span class="line">212</span><br><span class="line">213</span><br><span class="line">214</span><br><span class="line">215</span><br><span class="line">216</span><br><span class="line">217</span><br><span class="line">218</span><br><span class="line">219</span><br><span class="line">220</span><br><span class="line">221</span><br><span class="line">222</span><br><span class="line">223</span><br><span class="line">224</span><br><span class="line">225</span><br><span class="line">226</span><br><span class="line">227</span><br><span class="line">228</span><br><span class="line">229</span><br><span class="line">230</span><br><span class="line">231</span><br><span class="line">232</span><br><span class="line">233</span><br><span class="line">234</span><br><span class="line">235</span><br><span class="line">236</span><br><span class="line">237</span><br><span class="line">238</span><br><span class="line">239</span><br><span class="line">240</span><br><span class="line">241</span><br><span class="line">242</span><br><span class="line">243</span><br><span class="line">244</span><br><span class="line">245</span><br><span class="line">246</span><br><span class="line">247</span><br><span class="line">248</span><br><span class="line">249</span><br><span class="line">250</span><br><span class="line">251</span><br><span class="line">252</span><br><span class="line">253</span><br><span class="line">254</span><br><span class="line">255</span><br><span class="line">256</span><br><span class="line">257</span><br><span class="line">258</span><br><span class="line">259</span><br><span class="line">260</span><br><span class="line">261</span><br><span class="line">262</span><br><span class="line">263</span><br><span class="line">264</span><br><span class="line">265</span><br><span class="line">266</span><br><span class="line">267</span><br><span class="line">268</span><br><span class="line">269</span><br><span class="line">270</span><br><span class="line">271</span><br><span class="line">272</span><br><span class="line">273</span><br><span class="line">274</span><br><span class="line">275</span><br><span class="line">276</span><br><span class="line">277</span><br><span class="line">278</span><br><span class="line">279</span><br><span class="line">280</span><br><span class="line">281</span><br><span class="line">282</span><br><span class="line">283</span><br><span class="line">284</span><br><span class="line">285</span><br><span class="line">286</span><br><span class="line">287</span><br><span class="line">288</span><br><span class="line">289</span><br><span class="line">290</span><br><span class="line">291</span><br><span class="line">292</span><br><span class="line">293</span><br><span class="line">294</span><br><span class="line">295</span><br><span class="line">296</span><br><span class="line">297</span><br><span class="line">298</span><br><span class="line">299</span><br><span class="line">300</span><br><span class="line">301</span><br><span class="line">302</span><br><span class="line">303</span><br><span class="line">304</span><br><span class="line">305</span><br><span class="line">306</span><br><span class="line">307</span><br><span class="line">308</span><br><span class="line">309</span><br><span class="line">310</span><br><span class="line">311</span><br><span class="line">312</span><br><span class="line">313</span><br><span class="line">314</span><br><span class="line">315</span><br><span class="line">316</span><br><span class="line">317</span><br><span class="line">318</span><br><span class="line">319</span><br><span class="line">320</span><br><span class="line">321</span><br><span class="line">322</span><br><span class="line">323</span><br><span class="line">324</span><br><span class="line">325</span><br><span class="line">326</span><br><span class="line">327</span><br><span class="line">328</span><br><span class="line">329</span><br><span class="line">330</span><br><span class="line">331</span><br><span class="line">332</span><br><span class="line">333</span><br><span class="line">334</span><br><span class="line">335</span><br><span class="line">336</span><br><span class="line">337</span><br><span class="line">338</span><br><span class="line">339</span><br><span class="line">340</span><br><span class="line">341</span><br><span class="line">342</span><br><span class="line">343</span><br><span class="line">344</span><br><span class="line">345</span><br><span class="line">346</span><br><span class="line">347</span><br><span class="line">348</span><br><span class="line">349</span><br><span class="line">350</span><br><span class="line">351</span><br><span class="line">352</span><br><span class="line">353</span><br><span class="line">354</span><br><span class="line">355</span><br><span class="line">356</span><br><span class="line">357</span><br><span class="line">358</span><br><span class="line">359</span><br><span class="line">360</span><br><span class="line">361</span><br><span class="line">362</span><br><span class="line">363</span><br><span class="line">364</span><br><span class="line">365</span><br><span class="line">366</span><br><span class="line">367</span><br><span class="line">368</span><br><span class="line">369</span><br><span class="line">370</span><br><span class="line">371</span><br><span class="line">372</span><br><span class="line">373</span><br><span class="line">374</span><br><span class="line">375</span><br><span class="line">376</span><br><span class="line">377</span><br><span class="line">378</span><br><span class="line">379</span><br><span class="line">380</span><br><span class="line">381</span><br><span class="line">382</span><br><span class="line">383</span><br><span class="line">384</span><br><span class="line">385</span><br><span class="line">386</span><br><span class="line">387</span><br><span class="line">388</span><br><span class="line">389</span><br><span class="line">390</span><br><span class="line">391</span><br><span class="line">392</span><br><span class="line">393</span><br><span class="line">394</span><br><span class="line">395</span><br><span class="line">396</span><br><span class="line">397</span><br><span class="line">398</span><br><span class="line">399</span><br><span class="line">400</span><br><span class="line">401</span><br><span class="line">402</span><br><span class="line">403</span><br><span class="line">404</span><br><span class="line">405</span><br><span class="line">406</span><br><span class="line">407</span><br><span class="line">408</span><br><span class="line">409</span><br><span class="line">410</span><br><span class="line">411</span><br><span class="line">412</span><br><span class="line">413</span><br><span class="line">414</span><br><span class="line">415</span><br><span class="line">416</span><br><span class="line">417</span><br><span class="line">418</span><br><span class="line">419</span><br><span class="line">420</span><br><span class="line">421</span><br><span class="line">422</span><br><span class="line">423</span><br><span class="line">424</span><br><span class="line">425</span><br><span class="line">426</span><br><span class="line">427</span><br><span class="line">428</span><br><span class="line">429</span><br><span class="line">430</span><br><span class="line">431</span><br><span class="line">432</span><br><span class="line">433</span><br><span class="line">434</span><br><span class="line">435</span><br><span class="line">436</span><br><span class="line">437</span><br><span class="line">438</span><br><span class="line">439</span><br><span class="line">440</span><br><span class="line">441</span><br><span class="line">442</span><br><span class="line">443</span><br><span class="line">444</span><br><span class="line">445</span><br><span class="line">446</span><br><span class="line">447</span><br><span class="line">448</span><br><span class="line">449</span><br><span class="line">450</span><br><span class="line">451</span><br><span class="line">452</span><br><span class="line">453</span><br><span class="line">454</span><br><span class="line">455</span><br><span class="line">456</span><br><span class="line">457</span><br><span class="line">458</span><br><span class="line">459</span><br><span class="line">460</span><br><span class="line">461</span><br><span class="line">462</span><br><span class="line">463</span><br><span class="line">464</span><br><span class="line">465</span><br><span class="line">466</span><br><span class="line">467</span><br><span class="line">468</span><br><span class="line">469</span><br><span class="line">470</span><br><span class="line">471</span><br><span class="line">472</span><br><span class="line">473</span><br><span class="line">474</span><br><span class="line">475</span><br><span class="line">476</span><br><span class="line">477</span><br><span class="line">478</span><br><span class="line">479</span><br><span class="line">480</span><br><span class="line">481</span><br><span class="line">482</span><br><span class="line">483</span><br><span class="line">484</span><br><span class="line">485</span><br><span class="line">486</span><br><span class="line">487</span><br><span class="line">488</span><br><span class="line">489</span><br><span class="line">490</span><br><span class="line">491</span><br><span class="line">492</span><br><span class="line">493</span><br><span class="line">494</span><br><span class="line">495</span><br><span class="line">496</span><br><span class="line">497</span><br><span class="line">498</span><br><span class="line">499</span><br><span class="line">500</span><br><span class="line">501</span><br><span class="line">502</span><br><span class="line">503</span><br><span class="line">504</span><br><span class="line">505</span><br><span class="line">506</span><br><span class="line">507</span><br><span class="line">508</span><br><span class="line">509</span><br><span class="line">510</span><br><span class="line">511</span><br><span class="line">512</span><br><span class="line">513</span><br><span class="line">514</span><br><span class="line">515</span><br><span class="line">516</span><br><span class="line">517</span><br><span class="line">518</span><br><span class="line">519</span><br><span class="line">520</span><br><span class="line">521</span><br><span class="line">522</span><br><span class="line">523</span><br><span class="line">524</span><br><span class="line">525</span><br><span class="line">526</span><br><span class="line">527</span><br><span class="line">528</span><br><span class="line">529</span><br><span class="line">530</span><br><span class="line">531</span><br><span class="line">532</span><br><span class="line">533</span><br><span class="line">534</span><br><span class="line">535</span><br><span class="line">536</span><br><span class="line">537</span><br><span class="line">538</span><br><span class="line">539</span><br><span class="line">540</span><br><span class="line">541</span><br><span class="line">542</span><br><span class="line">543</span><br><span class="line">544</span><br><span class="line">545</span><br><span class="line">546</span><br><span class="line">547</span><br><span class="line">548</span><br><span class="line">549</span><br><span class="line">550</span><br><span class="line">551</span><br><span class="line">552</span><br><span class="line">553</span><br><span class="line">554</span><br><span class="line">555</span><br><span class="line">556</span><br><span class="line">557</span><br><span class="line">558</span><br><span class="line">559</span><br><span class="line">560</span><br><span class="line">561</span><br><span class="line">562</span><br><span class="line">563</span><br><span class="line">564</span><br><span class="line">565</span><br><span class="line">566</span><br><span class="line">567</span><br><span class="line">568</span><br><span class="line">569</span><br><span class="line">570</span><br><span class="line">571</span><br><span class="line">572</span><br><span class="line">573</span><br><span class="line">574</span><br><span class="line">575</span><br><span class="line">576</span><br><span class="line">577</span><br><span class="line">578</span><br><span class="line">579</span><br><span class="line">580</span><br><span class="line">581</span><br><span class="line">582</span><br><span class="line">583</span><br><span class="line">584</span><br><span class="line">585</span><br><span class="line">586</span><br><span class="line">587</span><br><span class="line">588</span><br><span class="line">589</span><br><span class="line">590</span><br><span class="line">591</span><br><span class="line">592</span><br><span class="line">593</span><br><span class="line">594</span><br><span class="line">595</span><br><span class="line">596</span><br><span class="line">597</span><br><span class="line">598</span><br><span class="line">599</span><br><span class="line">600</span><br><span class="line">601</span><br><span class="line">602</span><br><span class="line">603</span><br><span class="line">604</span><br><span class="line">605</span><br><span class="line">606</span><br><span class="line">607</span><br><span class="line">608</span><br><span class="line">609</span><br><span class="line">610</span><br><span class="line">611</span><br><span class="line">612</span><br><span class="line">613</span><br><span class="line">614</span><br><span class="line">615</span><br><span class="line">616</span><br><span class="line">617</span><br><span class="line">618</span><br><span class="line">619</span><br><span class="line">620</span><br><span class="line">621</span><br><span class="line">622</span><br><span class="line">623</span><br><span class="line">624</span><br><span class="line">625</span><br><span class="line">626</span><br><span class="line">627</span><br><span class="line">628</span><br><span class="line">629</span><br><span class="line">630</span><br><span class="line">631</span><br><span class="line">632</span><br><span class="line">633</span><br><span class="line">634</span><br><span class="line">635</span><br><span class="line">636</span><br><span class="line">637</span><br><span class="line">638</span><br><span class="line">639</span><br><span class="line">640</span><br><span class="line">641</span><br><span class="line">642</span><br><span class="line">643</span><br><span class="line">644</span><br><span class="line">645</span><br><span class="line">646</span><br><span class="line">647</span><br><span class="line">648</span><br><span class="line">649</span><br><span class="line">650</span><br><span class="line">651</span><br><span class="line">652</span><br><span class="line">653</span><br><span class="line">654</span><br><span class="line">655</span><br><span class="line">656</span><br><span class="line">657</span><br><span class="line">658</span><br><span class="line">659</span><br><span class="line">660</span><br><span class="line">661</span><br><span class="line">662</span><br><span class="line">663</span><br><span class="line">664</span><br><span class="line">665</span><br><span class="line">666</span><br><span class="line">667</span><br><span class="line">668</span><br><span class="line">669</span><br><span class="line">670</span><br><span class="line">671</span><br><span class="line">672</span><br><span class="line">673</span><br><span class="line">674</span><br><span class="line">675</span><br><span class="line">676</span><br><span class="line">677</span><br><span class="line">678</span><br><span class="line">679</span><br><span class="line">680</span><br><span class="line">681</span><br><span class="line">682</span><br><span class="line">683</span><br><span class="line">684</span><br><span class="line">685</span><br><span class="line">686</span><br><span class="line">687</span><br><span class="line">688</span><br><span class="line">689</span><br><span class="line">690</span><br><span class="line">691</span><br><span class="line">692</span><br><span class="line">693</span><br><span class="line">694</span><br><span class="line">695</span><br><span class="line">696</span><br><span class="line">697</span><br><span class="line">698</span><br><span class="line">699</span><br><span class="line">700</span><br><span class="line">701</span><br><span class="line">702</span><br><span class="line">703</span><br><span class="line">704</span><br><span class="line">705</span><br><span class="line">706</span><br><span class="line">707</span><br></pre></td><td class="code"><pre><span class="line">       ############ THESE SETTINGS ARE REQUIRED ############</span><br><span class="line"></span><br><span class="line">########################################################################</span><br><span class="line">#</span><br><span class="line"># SECURE_LOG: the log file that contains sshd logging info</span><br><span class="line"># if you are not sure, grep &quot;sshd:&quot; /var/log/*</span><br><span class="line">#</span><br><span class="line"># The file to process can be overridden with the --file command line</span><br><span class="line"># argument</span><br><span class="line">#</span><br><span class="line"># Redhat or Fedora Core:</span><br><span class="line">SECURE_LOG = /var/log/secure # centos系统的ssh登录日志文件位置</span><br><span class="line">#</span><br><span class="line"># Mandrake, FreeBSD or OpenBSD: </span><br><span class="line">#SECURE_LOG = /var/log/auth.log</span><br><span class="line">#</span><br><span class="line"># SuSE:</span><br><span class="line">#SECURE_LOG = /var/log/messages</span><br><span class="line">#</span><br><span class="line"># Mac OS X (v10.4 or greater - </span><br><span class="line">#   also refer to:   http://www.denyhost.net/faq.html#macos</span><br><span class="line">#SECURE_LOG = /private/var/log/asl.log</span><br><span class="line">#</span><br><span class="line"># Mac OS X (v10.3 or earlier):</span><br><span class="line">#SECURE_LOG=/private/var/log/system.log</span><br><span class="line">#</span><br><span class="line"># Debian and Ubuntu</span><br><span class="line">#SECURE_LOG = /var/log/auth.log</span><br><span class="line">########################################################################</span><br><span class="line"></span><br><span class="line">########################################################################</span><br><span class="line">#</span><br><span class="line"># HOSTS_DENY: the file which contains restricted host access information</span><br><span class="line">#</span><br><span class="line"># Most operating systems:</span><br><span class="line">HOSTS_DENY = /etc/hosts.deny # 指定不给哪些IP提供服务</span><br><span class="line">#</span><br><span class="line"># Some BSD (FreeBSD) Unixes:</span><br><span class="line">#HOSTS_DENY = /etc/hosts.allow</span><br><span class="line">#</span><br><span class="line"># Another possibility (also see the next option):</span><br><span class="line">#HOSTS_DENY = /etc/hosts.evil</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">########################################################################</span><br><span class="line">#</span><br><span class="line"># PURGE_DENY: removed HOSTS_DENY entries that are older than this time</span><br><span class="line">#             when DenyHosts is invoked with the --purge flag</span><br><span class="line">#</span><br><span class="line">#      format is: i[dhwmy]</span><br><span class="line">#      Where &apos;i&apos; is an integer (eg. 7) </span><br><span class="line">#            &apos;m&apos; = minutes</span><br><span class="line">#            &apos;h&apos; = hours</span><br><span class="line">#            &apos;d&apos; = days</span><br><span class="line">#            &apos;w&apos; = weeks</span><br><span class="line">#            &apos;y&apos; = years</span><br><span class="line">#</span><br><span class="line"># never purge:</span><br><span class="line">PURGE_DENY =  # 这样设置意味着一旦被拉入黑名单，永远不会放出来</span><br><span class="line">#</span><br><span class="line"># purge entries older than 1 week</span><br><span class="line">#PURGE_DENY = 1w</span><br><span class="line">#</span><br><span class="line"># purge entries older than 5 days</span><br><span class="line">#PURGE_DENY = 5d</span><br><span class="line">#</span><br><span class="line"># For the default Fedora install, we want timestamping but no</span><br><span class="line"># expiration (at least by default) so this is deliberately set high.</span><br><span class="line"># Adjust to taste.</span><br><span class="line">#PURGE_DENY = 4w</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># PURGE_THRESHOLD: defines the maximum times a host will be purged.  </span><br><span class="line"># Once this value has been exceeded then this host will not be purged. </span><br><span class="line"># Setting this parameter to 0 (the default) disables this feature.</span><br><span class="line">#</span><br><span class="line"># default: a denied host can be purged/re-added indefinitely</span><br><span class="line">#PURGE_THRESHOLD = 0</span><br><span class="line">#</span><br><span class="line"># a denied host will be purged at most 2 times. </span><br><span class="line">#PURGE_THRESHOLD = 2 </span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY</span><br><span class="line"># </span><br><span class="line"># man 5 hosts_access for details</span><br><span class="line">#</span><br><span class="line"># eg.   sshd: 127.0.0.1  # will block sshd logins from 127.0.0.1</span><br><span class="line">#</span><br><span class="line"># To block all services for the offending host:</span><br><span class="line">BLOCK_SERVICE = ALL # 这样设置意味着一旦进入黑名单，就所有服务都不提供</span><br><span class="line"># To block only sshd:</span><br><span class="line">#BLOCK_SERVICE  = sshd</span><br><span class="line"># To only record the offending host and nothing else (if using</span><br><span class="line"># an auxilary file to list the hosts).  Refer to: </span><br><span class="line"># http://denyhost.sourceforge.net/faq.html#aux</span><br><span class="line">#BLOCK_SERVICE =    </span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># DENY_THRESHOLD_INVALID: block each host after the number of failed login </span><br><span class="line"># attempts has exceeded this value.  This value applies to invalid</span><br><span class="line"># user login attempts (eg. non-existent user accounts)</span><br><span class="line">#</span><br><span class="line">DENY_THRESHOLD_INVALID = 1 # 对于不存在的用户，只允许失败一次</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># DENY_THRESHOLD_VALID: block each host after the number of failed </span><br><span class="line"># login attempts has exceeded this value.  This value applies to valid</span><br><span class="line"># user login attempts (eg. user accounts that exist in /etc/passwd) except</span><br><span class="line"># for the &quot;root&quot; user</span><br><span class="line">#</span><br><span class="line">DENY_THRESHOLD_VALID = 3 # 对于普通用户，最多允许失败三次</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># DENY_THRESHOLD_ROOT: block each host after the number of failed </span><br><span class="line"># login attempts has exceeded this value.  This value applies to </span><br><span class="line"># &quot;root&quot; user login attempts only.</span><br><span class="line">#</span><br><span class="line">DENY_THRESHOLD_ROOT = 2 # 对于root用户只允许失败两次</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># DENY_THRESHOLD_RESTRICTED: block each host after the number of failed </span><br><span class="line"># login attempts has exceeded this value.  This value applies to </span><br><span class="line"># usernames that appear in the WORK_DIR/restricted-usernames file only.</span><br><span class="line">#</span><br><span class="line">DENY_THRESHOLD_RESTRICTED = 1</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># WORK_DIR: the path that DenyHosts will use for writing data to</span><br><span class="line"># (it will be created if it does not already exist).  </span><br><span class="line">#</span><br><span class="line"># Note: it is recommended that you use an absolute pathname</span><br><span class="line"># for this value (eg. /home/foo/denyhost/data)</span><br><span class="line">#</span><br><span class="line">WORK_DIR = /var/lib/denyhosts</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># ETC_DIR: the path that DenyHosts will use for reading data when</span><br><span class="line"># we need configuration information.</span><br><span class="line">#</span><br><span class="line"># Note: it is recommended that you use an absolute pathname</span><br><span class="line"># for this value (eg. /etc or /usr/local/etc)</span><br><span class="line">#</span><br><span class="line">ETC_DIR = /etc</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS</span><br><span class="line">#</span><br><span class="line"># SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES|NO</span><br><span class="line"># If set to YES, if a suspicious login attempt results from an allowed-host</span><br><span class="line"># then it is considered suspicious.  If this is NO, then suspicious logins </span><br><span class="line"># from allowed-hosts will not be reported.  All suspicious logins from </span><br><span class="line"># ip addresses that are not in allowed-hosts will always be reported.</span><br><span class="line">#</span><br><span class="line">SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># HOSTNAME_LOOKUP</span><br><span class="line">#</span><br><span class="line"># HOSTNAME_LOOKUP=YES|NO</span><br><span class="line"># If set to YES, for each IP address that is reported by Denyhosts,</span><br><span class="line"># the corresponding hostname will be looked up and reported as well</span><br><span class="line"># (if available).</span><br><span class="line">#</span><br><span class="line">HOSTNAME_LOOKUP=NO</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># LOCK_FILE</span><br><span class="line">#</span><br><span class="line"># LOCK_FILE=/path/denyhosts</span><br><span class="line"># If this file exists when DenyHosts is run, then DenyHosts will exit</span><br><span class="line"># immediately.  Otherwise, this file will be created upon invocation</span><br><span class="line"># and deleted upon exit.  This ensures that only one instance is</span><br><span class="line"># running at a time.</span><br><span class="line">#</span><br><span class="line"># Redhat/Fedora:</span><br><span class="line">LOCK_FILE = /var/lock/subsys/denyhosts</span><br><span class="line">#</span><br><span class="line"># Debian</span><br><span class="line">#LOCK_FILE = /var/run/denyhosts.pid</span><br><span class="line">#</span><br><span class="line"># Misc</span><br><span class="line">#LOCK_FILE = /tmp/denyhosts.lock</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">       ############ THESE SETTINGS ARE OPTIONAL ############</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># IPTABLES: if you would like DenyHost to block incoming connections</span><br><span class="line"># using the Linux firewall IPTABLES, then set the following variable</span><br><span class="line"># to the path of the iptables executable. Typically this is </span><br><span class="line"># /sbin/iptables</span><br><span class="line"># If this option is not set or commented out then the iptables</span><br><span class="line"># firewall is not used.</span><br><span class="line">#IPTABLES = /sbin/iptables</span><br><span class="line">#</span><br><span class="line"># Warning: If you are running IPTABLES, please make sure to comment</span><br><span class="line"># out the PFCTL_PATH and the PF_TABLE variables below. PF and</span><br><span class="line"># IPTABLES should not be running together on the same operating system.</span><br><span class="line">#</span><br><span class="line"># By default DenyHost will ask IPTables to block incoming connections</span><br><span class="line"># from an aggressive host on ALL ports. While this is usually a good</span><br><span class="line"># idea, it may prevent some botted machines from being able to access</span><br><span class="line"># services their legitmate users want, like a web server. To only</span><br><span class="line"># block specific ports, enable the following option.</span><br><span class="line"># BLOCKPORT = 22</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># On FreeBSD/OpenBSD/TrueOS/PC-BSD/NetBSD we may want to block incoming</span><br><span class="line"># traffic using the PF firewall instead of the hosts.deny file</span><br><span class="line"># (aka tcp_wrapper). </span><br><span class="line"># The admin can set up a PF table that is persistent</span><br><span class="line"># and DenyHost can add new addresses to be blocked to that table.</span><br><span class="line"># The TrueOS operating system enables this by default, blocking</span><br><span class="line"># all addresses in the &quot;blacklist&quot; table.</span><br><span class="line">#</span><br><span class="line"># To have DenyHost update the blocking PF table in real time, uncomment</span><br><span class="line"># these next two options. Make sure the table name specificed</span><br><span class="line"># is one created in the pf.conf file of your operating system.</span><br><span class="line"># The PFCTL_PATH variable must point to the pfctl extectuable on your OS.</span><br><span class="line"># PFCTL_PATH = /sbin/pfctl</span><br><span class="line"># PF_TABLE = blacklist</span><br><span class="line"># Note, a good rule to have in your pf.conf file to enable the</span><br><span class="line"># blacklist table is:</span><br><span class="line">#</span><br><span class="line"># table &lt;blacklist&gt; persist file &quot;/etc/blacklist&quot;</span><br><span class="line"># block from &lt;blacklist&gt; to any </span><br><span class="line">#</span><br><span class="line"># Warning: If you are using PF, please make sure to disable the</span><br><span class="line"># IPTABLES rule above as these two packet filters should not be</span><br><span class="line"># run together on the same operating system.</span><br><span class="line"># Note: Even if you decide to run DenyHost with PF filtering</span><br><span class="line"># only and no hosts.deny support, please still create an empty</span><br><span class="line"># file called /etc/hosts.deny for backward compatibility.</span><br><span class="line"># Also, please make sure PF is enabled prior to launching</span><br><span class="line"># DenyHosts. To do this run &quot;pfctl -e&quot;.</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># ADMIN_EMAIL: if you would like to receive emails regarding newly</span><br><span class="line"># restricted hosts and suspicious logins, set this address to </span><br><span class="line"># match your email address.  If you do not want to receive these reports</span><br><span class="line"># leave this field blank (or run with the --noemail option)</span><br><span class="line">#</span><br><span class="line"># Multiple email addresses can be delimited by a comma, eg:</span><br><span class="line"># ADMIN_EMAIL = foo@bar.com, bar@foo.com, etc@foobar.com</span><br><span class="line">#</span><br><span class="line">ADMIN_EMAIL = root@localhost</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SMTP_HOST and SMTP_PORT: if DenyHosts is configured to email </span><br><span class="line"># reports (see ADMIN_EMAIL) then these settings specify the </span><br><span class="line"># email server address (SMTP_HOST) and the server port (SMTP_PORT)</span><br><span class="line"># </span><br><span class="line">#</span><br><span class="line">SMTP_HOST = localhost</span><br><span class="line">SMTP_PORT = 25</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line"># </span><br><span class="line"># SMTP_USERNAME and SMTP_PASSWORD: set these parameters if your </span><br><span class="line"># smtp email server requires authentication</span><br><span class="line">#</span><br><span class="line">#SMTP_USERNAME=foo</span><br><span class="line">#SMTP_PASSWORD=bar</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SMTP_FROM: you can specify the &quot;From:&quot; address in messages sent</span><br><span class="line"># from DenyHosts when it reports thwarted abuse attempts</span><br><span class="line">#</span><br><span class="line">SMTP_FROM = DenyHosts &lt;nobody@localhost&gt;</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SMTP_SUBJECT: you can specify the &quot;Subject:&quot; of messages sent</span><br><span class="line"># by DenyHosts when it reports thwarted abuse attempts</span><br><span class="line">SMTP_SUBJECT = DenyHosts Report from $[HOSTNAME]</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># SMTP_DATE_FORMAT: specifies the format used for the &quot;Date:&quot; header</span><br><span class="line"># when sending email messages.</span><br><span class="line">#</span><br><span class="line"># for possible values for this parameter refer to: man strftime</span><br><span class="line">#</span><br><span class="line"># the default:</span><br><span class="line">#</span><br><span class="line">#SMTP_DATE_FORMAT = %a, %d %b %Y %H:%M:%S %z</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># SYSLOG_REPORT</span><br><span class="line">#</span><br><span class="line"># SYSLOG_REPORT=YES|NO</span><br><span class="line"># If set to yes, when denied hosts are recorded the report data</span><br><span class="line"># will be sent to syslog (syslog must be present on your system).</span><br><span class="line"># The default is: NO</span><br><span class="line">#</span><br><span class="line">#SYSLOG_REPORT=NO</span><br><span class="line">#</span><br><span class="line">#SYSLOG_REPORT=YES</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># ALLOWED_HOSTS_HOSTNAME_LOOKUP</span><br><span class="line">#</span><br><span class="line"># ALLOWED_HOSTS_HOSTNAME_LOOKUP=YES|NO</span><br><span class="line"># If set to YES, for each entry in the WORK_DIR/allowed-hosts file,</span><br><span class="line"># the hostname will be looked up.  If your versions of tcp_wrappers</span><br><span class="line"># and sshd sometimes log hostnames in addition to ip addresses</span><br><span class="line"># then you may wish to specify this option.</span><br><span class="line"># </span><br><span class="line">ALLOWED_HOSTS_HOSTNAME_LOOKUP=NO</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">###################################################################### </span><br><span class="line"># </span><br><span class="line"># AGE_RESET_VALID: Specifies the period of time between failed login</span><br><span class="line"># attempts that, when exceeded will result in the failed count for </span><br><span class="line"># this host to be reset to 0.  This value applies to login attempts </span><br><span class="line"># to all valid users (those within /etc/passwd) with the </span><br><span class="line"># exception of root.  If not defined, this count will never</span><br><span class="line"># be reset.</span><br><span class="line">#</span><br><span class="line"># See the comments in the PURGE_DENY section (above) </span><br><span class="line"># for details on specifying this value or for complete details </span><br><span class="line"># refer to:  http://denyhost.sourceforge.net/faq.html#timespec</span><br><span class="line">#</span><br><span class="line">AGE_RESET_VALID=5d</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">###################################################################### </span><br><span class="line"># </span><br><span class="line"># AGE_RESET_ROOT: Specifies the period of time between failed login</span><br><span class="line"># attempts that, when exceeded will result in the failed count for </span><br><span class="line"># this host to be reset to 0.  This value applies to all login </span><br><span class="line"># attempts to the &quot;root&quot; user account.  If not defined,</span><br><span class="line"># this count will never be reset.</span><br><span class="line">#</span><br><span class="line"># See the comments in the PURGE_DENY section (above) </span><br><span class="line"># for details on specifying this value or for complete details </span><br><span class="line"># refer to:  http://denyhost.sourceforge.net/faq.html#timespec</span><br><span class="line">#</span><br><span class="line">AGE_RESET_ROOT=25d</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">###################################################################### </span><br><span class="line"># </span><br><span class="line"># AGE_RESET_RESTRICTED: Specifies the period of time between failed login</span><br><span class="line"># attempts that, when exceeded will result in the failed count for </span><br><span class="line"># this host to be reset to 0.  This value applies to all login </span><br><span class="line"># attempts to entries found in the WORK_DIR/restricted-usernames file.  </span><br><span class="line"># If not defined, the count will never be reset.</span><br><span class="line">#</span><br><span class="line"># See the comments in the PURGE_DENY section (above) </span><br><span class="line"># for details on specifying this value or for complete details </span><br><span class="line"># refer to:  http://denyhost.sourceforge.net/faq.html#timespec</span><br><span class="line">#</span><br><span class="line">AGE_RESET_RESTRICTED=25d</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">###################################################################### </span><br><span class="line"># </span><br><span class="line"># AGE_RESET_INVALID: Specifies the period of time between failed login</span><br><span class="line"># attempts that, when exceeded will result in the failed count for </span><br><span class="line"># this host to be reset to 0.  This value applies to login attempts </span><br><span class="line"># made to any invalid username (those that do not appear </span><br><span class="line"># in /etc/passwd).  If not defined, count will never be reset.</span><br><span class="line">#</span><br><span class="line"># See the comments in the PURGE_DENY section (above) </span><br><span class="line"># for details on specifying this value or for complete details </span><br><span class="line"># refer to:  http://denyhost.sourceforge.net/faq.html#timespec</span><br><span class="line">#</span><br><span class="line">AGE_RESET_INVALID=10d</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># RESET_ON_SUCCESS: If this parameter is set to &quot;yes&quot; then the</span><br><span class="line"># failed count for the respective ip address will be reset to 0</span><br><span class="line"># if the login is successful.  </span><br><span class="line">#</span><br><span class="line"># The default is RESET_ON_SUCCESS = no</span><br><span class="line">#</span><br><span class="line">#RESET_ON_SUCCESS = yes</span><br><span class="line">#</span><br><span class="line">#####################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># PLUGIN_DENY: If set, this value should point to an executable</span><br><span class="line"># program that will be invoked when a host is added to the</span><br><span class="line"># HOSTS_DENY file.  This executable will be passed the host</span><br><span class="line"># that will be added as its only argument.</span><br><span class="line">#</span><br><span class="line">#PLUGIN_DENY=/usr/bin/true</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># PLUGIN_PURGE: If set, this value should point to an executable</span><br><span class="line"># program that will be invoked when a host is removed from the</span><br><span class="line"># HOSTS_DENY file.  This executable will be passed the host</span><br><span class="line"># that is to be purged as it&apos;s only argument.</span><br><span class="line">#</span><br><span class="line">#PLUGIN_PURGE=/usr/bin/true</span><br><span class="line">#</span><br><span class="line"># The following plugin will restore the file contexts on /etc/hosts.deny after</span><br><span class="line"># denyhosts purges old entries.  This prevents breakage when selinux is set to</span><br><span class="line"># enforcing mode, but still has a small window where the context is set</span><br><span class="line"># incorrectly.  The correct place to fix this is in the selinux policy.</span><br><span class="line">#</span><br><span class="line">#PLUGIN_PURGE=/usr/share/denyhosts/plugins/restorecon.sh</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"></span><br><span class="line">######################################################################</span><br><span class="line">#</span><br><span class="line"># USERDEF_FAILED_ENTRY_REGEX: if set, this value should contain</span><br><span class="line"># a regular expression that can be used to identify additional</span><br><span class="line"># hackers for your particular ssh configuration.  This functionality</span><br><span class="line"># extends the built-in regular expressions that DenyHosts uses.</span><br><span class="line"># This parameter can be specified multiple times.</span><br><span class="line"># See this faq entry for more details:</span><br><span class="line">#    http://denyhost.sf.net/faq.html#userdef_regex</span><br><span class="line">#</span><br><span class="line">#USERDEF_FAILED_ENTRY_REGEX=</span><br><span class="line">#</span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"></span><br><span class="line"></span><br><span class="line">   ######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE  ##########</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)</span><br><span class="line"># this is the logfile that DenyHosts uses to report its status.</span><br><span class="line"># To disable logging, leave blank.  (default is: /var/log/denyhosts)</span><br><span class="line">#</span><br><span class="line">DAEMON_LOG = /var/log/denyhosts</span><br><span class="line">#</span><br><span class="line"># disable logging:</span><br><span class="line">#DAEMON_LOG = </span><br><span class="line">#</span><br><span class="line">######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line"># </span><br><span class="line"># DAEMON_LOG_TIME_FORMAT: when DenyHosts is run in daemon mode </span><br><span class="line"># (--daemon flag) this specifies the timestamp format of </span><br><span class="line"># the DAEMON_LOG messages (default is the ISO8061 format:</span><br><span class="line"># ie. 2005-07-22 10:38:01,745)</span><br><span class="line">#</span><br><span class="line"># for possible values for this parameter refer to: man strftime</span><br><span class="line">#</span><br><span class="line"># Jan 1 13:05:59   </span><br><span class="line">#DAEMON_LOG_TIME_FORMAT = %b %d %H:%M:%S</span><br><span class="line">#</span><br><span class="line"># Jan 1 01:05:59 </span><br><span class="line">#DAEMON_LOG_TIME_FORMAT = %b %d %I:%M:%S</span><br><span class="line">#</span><br><span class="line">###################################################################### </span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line"># </span><br><span class="line"># DAEMON_LOG_MESSAGE_FORMAT: when DenyHosts is run in daemon mode </span><br><span class="line"># (--daemon flag) this specifies the message format of each logged</span><br><span class="line"># entry.  By default the following format is used:</span><br><span class="line">#</span><br><span class="line"># %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s</span><br><span class="line">#</span><br><span class="line"># Where the &quot;%(asctime)s&quot; portion is expanded to the format</span><br><span class="line"># defined by DAEMON_LOG_TIME_FORMAT</span><br><span class="line">#</span><br><span class="line"># This string is passed to python&apos;s logging.Formatter contstuctor.</span><br><span class="line"># For details on the possible format types please refer to:</span><br><span class="line"># http://docs.python.org/lib/node357.html</span><br><span class="line">#</span><br><span class="line"># This is the default:</span><br><span class="line">#DAEMON_LOG_MESSAGE_FORMAT = %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s</span><br><span class="line">#</span><br><span class="line">#</span><br><span class="line">###################################################################### </span><br><span class="line"></span><br><span class="line"> </span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)</span><br><span class="line"># this is the amount of time DenyHosts will sleep between polling</span><br><span class="line"># the SECURE_LOG.  See the comments in the PURGE_DENY section (above)</span><br><span class="line"># for details on specifying this value or for complete details</span><br><span class="line"># refer to:    http://denyhost.sourceforge.net/faq.html#timespec</span><br><span class="line"># </span><br><span class="line">#</span><br><span class="line">DAEMON_SLEEP = 30s</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># DAEMON_PURGE: How often should DenyHosts, when run in daemon mode,</span><br><span class="line"># run the purge mechanism to expire old entries in HOSTS_DENY</span><br><span class="line"># This has no effect if PURGE_DENY is blank.</span><br><span class="line">#</span><br><span class="line">DAEMON_PURGE = 1h</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">   #########   THESE SETTINGS ARE SPECIFIC TO     ##########</span><br><span class="line">   #########       DAEMON SYNCHRONIZATION         ##########</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># Synchronization mode allows the DenyHosts daemon the ability</span><br><span class="line"># to periodically send and receive denied host data such that </span><br><span class="line"># DenyHosts daemons worldwide can automatically inform one</span><br><span class="line"># another regarding banned hosts.   This mode is disabled by</span><br><span class="line"># default, you must uncomment SYNC_SERVER to enable this mode.</span><br><span class="line">#</span><br><span class="line"># for more information, please refer to: </span><br><span class="line">#        http:/denyhost.sourceforge.net/faq.html</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SYNC_SERVER: The central server that communicates with DenyHost</span><br><span class="line"># daemons.  </span><br><span class="line">#</span><br><span class="line"># To disable synchronization (the default), do nothing. </span><br><span class="line">#</span><br><span class="line"># To enable synchronization, you must uncomment the following line:</span><br><span class="line">#</span><br><span class="line"># NOTE: Please read README.Fedora before enabling sync</span><br><span class="line">#SYNC_SERVER = http://xmlrpc.denyhosts.net:9911</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SYNC_INTERVAL: the interval of time to perform synchronizations if</span><br><span class="line"># SYNC_SERVER has been uncommented.  The default is 1 hour.</span><br><span class="line"># </span><br><span class="line">#SYNC_INTERVAL = 1h</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SYNC_UPLOAD: allow your DenyHosts daemon to transmit hosts that have</span><br><span class="line"># been denied?  This option only applies if SYNC_SERVER has</span><br><span class="line"># been uncommented.</span><br><span class="line"># The default is SYNC_UPLOAD = yes</span><br><span class="line">#</span><br><span class="line">SYNC_UPLOAD = no</span><br><span class="line">#SYNC_UPLOAD = yes</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SYNC_DOWNLOAD: allow your DenyHosts daemon to receive hosts that have</span><br><span class="line"># been denied by others?  This option only applies if SYNC_SERVER has</span><br><span class="line"># been uncommented.</span><br><span class="line"># The default is SYNC_DOWNLOAD = yes</span><br><span class="line">#</span><br><span class="line">SYNC_DOWNLOAD = no</span><br><span class="line">#SYNC_DOWNLOAD = yes</span><br><span class="line">#</span><br><span class="line">#</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SYNC_DOWNLOAD_THRESHOLD: If SYNC_DOWNLOAD is enabled this parameter</span><br><span class="line"># filters the returned hosts to those that have been blocked this many</span><br><span class="line"># times by others.  That is, if set to 1, then if a single DenyHosts</span><br><span class="line"># server has denied an ip address then you will receive the denied host.</span><br><span class="line"># </span><br><span class="line"># See also SYNC_DOWNLOAD_RESILIENCY</span><br><span class="line">#</span><br><span class="line">#SYNC_DOWNLOAD_THRESHOLD = 10</span><br><span class="line">#</span><br><span class="line"># The default is SYNC_DOWNLOAD_THRESHOLD = 3 </span><br><span class="line">#</span><br><span class="line">#SYNC_DOWNLOAD_THRESHOLD = 3</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br><span class="line"></span><br><span class="line">#######################################################################</span><br><span class="line">#</span><br><span class="line"># SYNC_DOWNLOAD_RESILIENCY:  If SYNC_DOWNLOAD is enabled then the</span><br><span class="line"># value specified for this option limits the downloaded data</span><br><span class="line"># to this resiliency period or greater.</span><br><span class="line">#</span><br><span class="line"># Resiliency is defined as the timespan between a hackers first known </span><br><span class="line"># attack and its most recent attack.  Example:</span><br><span class="line"># </span><br><span class="line"># If the centralized  denyhosts.net server records an attack at 2 PM </span><br><span class="line"># and then again at 5 PM, specifying a SYNC_DOWNLOAD_RESILIENCY = 4h </span><br><span class="line"># will not download this ip address.</span><br><span class="line">#</span><br><span class="line"># However, if the attacker is recorded again at 6:15 PM then the </span><br><span class="line"># ip address will be downloaded by your DenyHosts instance.  </span><br><span class="line">#</span><br><span class="line"># This value is used in conjunction with the SYNC_DOWNLOAD_THRESHOLD </span><br><span class="line"># and only hosts that satisfy both values will be downloaded.  </span><br><span class="line"># This value has no effect if SYNC_DOWNLOAD_THRESHOLD = 1 </span><br><span class="line">#</span><br><span class="line"># The default is SYNC_DOWNLOAD_RESILIENCY = 5h (5 hours)</span><br><span class="line">#</span><br><span class="line"># Only obtain hackers that have been at it for 2 days or more:</span><br><span class="line">#SYNC_DOWNLOAD_RESILIENCY = 2d</span><br><span class="line">#</span><br><span class="line"># Only obtain hackers that have been at it for 5 hours or more:</span><br><span class="line">#SYNC_DOWNLOAD_RESILIENCY = 5h</span><br><span class="line">#</span><br><span class="line">#######################################################################</span><br></pre></td></tr></table></figure>


      
    </div>
    
    
    

    

    

    
      <div>
        <ul class="post-copyright">
  <li class="post-copyright-author">
    <strong>本文作者：</strong>
    Gavin Zhang
  </li>
  <li class="post-copyright-link">
    <strong>本文链接：</strong>
    <a href="http://blog.gavinzh.com/2018/01/28/how-to-use-denyhosts-for-linux-secure/" title="使用DenyHosts保护服务器安全">http://blog.gavinzh.com/2018/01/28/how-to-use-denyhosts-for-linux-secure/</a>
  </li>
  <li class="post-copyright-license">
    <strong>版权声明： </strong>
    本博客所有文章除特别声明外，均采用 <a href="https://creativecommons.org/licenses/by-nc-sa/3.0/" rel="external nofollow" target="_blank">CC BY-NC-SA 3.0</a> 许可协议。转载请注明出处！
  </li>
</ul>

      </div>
    

    <footer class="post-footer">
      
        <div class="post-tags">
          
            <a href="/tags/LinuxAppGuide/" rel="tag"># LinuxAppGuide</a>
          
            <a href="/tags/Linux/" rel="tag"># Linux</a>
          
            <a href="/tags/SSH/" rel="tag"># SSH</a>
          
        </div>
      

      
      
      

      
        <div class="post-nav">
          <div class="post-nav-next post-nav-item">
            
              <a href="/2018/01/21/synchronized-andlock-difference/" rel="next" title="synchronized和lock（CAS）的区别">
                <i class="fa fa-chevron-left"></i> synchronized和lock（CAS）的区别
              </a>
            
          </div>

          <span class="post-nav-divider"></span>

          <div class="post-nav-prev post-nav-item">
            
              <a href="/2018/03/25/Java-Out-of-Memory-Heap-Analysis/" rel="prev" title="Java 堆内存溢出梗概分析">
                Java 堆内存溢出梗概分析 <i class="fa fa-chevron-right"></i>
              </a>
            
          </div>
        </div>
      

      
      
    </footer>
  </div>
  
  
  
  </article>



    <div class="post-spread">
      
    </div>
  </div>


          </div>
          


          

  
    <div class="comments" id="comments">
      <div id="disqus_thread">
        <noscript>
          Please enable JavaScript to view the
          <a href="https://disqus.com/?ref_noscript">comments powered by Disqus.</a>
        </noscript>
      </div>
    </div>

  



        </div>
        
          
  
  <div class="sidebar-toggle">
    <div class="sidebar-toggle-line-wrap">
      <span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
      <span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
      <span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
    </div>
  </div>

  <aside id="sidebar" class="sidebar">
    
    <div class="sidebar-inner">

      

      
        <ul class="sidebar-nav motion-element">
          <li class="sidebar-nav-toc sidebar-nav-active" data-target="post-toc-wrap">
            文章目录
          </li>
          <li class="sidebar-nav-overview" data-target="site-overview-wrap">
            站点概览
          </li>
        </ul>
      

      <section class="site-overview-wrap sidebar-panel">
        <div class="site-overview">
          <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
            
              <img class="site-author-image" itemprop="image" src="https://avatars3.githubusercontent.com/u/5567916" alt="Gavin Zhang">
            
              <p class="site-author-name" itemprop="name">Gavin Zhang</p>
              <p class="site-description motion-element" itemprop="description"></p>
          </div>

          <nav class="site-state motion-element">

            
              <div class="site-state-item site-state-posts">
              
                <a href="/archives/">
              
                  <span class="site-state-item-count">129</span>
                  <span class="site-state-item-name">日志</span>
                </a>
              </div>
            

            
              
              
              <div class="site-state-item site-state-categories">
                <a href="/categories/index.html">
                  <span class="site-state-item-count">7</span>
                  <span class="site-state-item-name">分类</span>
                </a>
              </div>
            

            
              
              
              <div class="site-state-item site-state-tags">
                <a href="/tags/index.html">
                  <span class="site-state-item-count">158</span>
                  <span class="site-state-item-name">标签</span>
                </a>
              </div>
            

          </nav>

          
            <div class="feed-link motion-element">
              <a href="/atom.xml" rel="alternate">
                <i class="fa fa-rss"></i>
                RSS
              </a>
            </div>
          

          
            <div class="links-of-author motion-element">
                
                  <span class="links-of-author-item">
                    <a href="https://github.com/jiangmitiao" target="_blank" title="GitHub">
                      
                        <i class="fa fa-fw fa-github"></i>GitHub</a>
                  </span>
                
                  <span class="links-of-author-item">
                    <a href="mailto:me at gavinzh.com" target="_blank" title="E-Mail">
                      
                        <i class="fa fa-fw fa-envelope"></i>E-Mail</a>
                  </span>
                
            </div>
          

          
          

          
          

          

        </div>
      </section>

      
      <!--noindex-->
        <section class="post-toc-wrap motion-element sidebar-panel sidebar-panel-active">
          <div class="post-toc">

            
              
            

            
              <div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#DenyHosts介绍"><span class="nav-number">1.</span> <span class="nav-text">DenyHosts介绍</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#安装"><span class="nav-number">2.</span> <span class="nav-text">安装</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#安装EPEL源"><span class="nav-number">2.1.</span> <span class="nav-text">安装EPEL源</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#安装rsyslog"><span class="nav-number">2.2.</span> <span class="nav-text">安装rsyslog</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#安装DenyHosts"><span class="nav-number">2.3.</span> <span class="nav-text">安装DenyHosts</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#后续操作"><span class="nav-number">2.4.</span> <span class="nav-text">后续操作</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#相关配置"><span class="nav-number">3.</span> <span class="nav-text">相关配置</span></a></li></ol></div>
            

          </div>
        </section>
      <!--/noindex-->
      

      
        <div class="back-to-top">
          <i class="fa fa-arrow-up"></i>
          
            <span id="scrollpercent"><span>0</span>%</span>
          
        </div>
      

    </div>
  </aside>


        
      </div>
    </main>

    <footer id="footer" class="footer">
      <div class="footer-inner">
        <div class="copyright">&copy; 2013 &mdash; <span itemprop="copyrightYear">2020</span>
  <span class="with-love">
    <i class="fa fa-heart"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">Gavin Zhang</span>

  

  
</div>





<div>
	<a href="http://www.beian.miit.gov.cn/" target="_blank">陕ICP备17010002号-1</a>
</div>





        




  <script type="text/javascript">
    (function() {
      var hm = document.createElement("script");
      hm.src = "//tajs.qq.com/stats?sId=61868582";
      var s = document.getElementsByTagName("script")[0];
      s.parentNode.insertBefore(hm, s);
    })();
  </script>




  <div style="display: none;">
    <script src="//s95.cnzz.com/z_stat.php?id=1261805793&web_id=1261805793" language="JavaScript"></script>
  </div>



        
      </div>
    </footer>

    

    

  </div>

  

<script type="text/javascript">
  if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
    window.Promise = null;
  }
</script>





  



  






  













  
  
    <script type="text/javascript" src="https://cdn.staticfile.org/jquery/3.4.1/jquery.min.js"></script>
  

  
  
    <script type="text/javascript" src="https://cdn.staticfile.org/fastclick/1.0.6/fastclick.js"></script>
  

  
  
    <script type="text/javascript" src="https://cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.js"></script>
  

  
  
    <script type="text/javascript" src="https://cdn.staticfile.org/velocity/2.0.5/velocity.min.js"></script>
  

  
  
    <script type="text/javascript" src="https://cdn.staticfile.org/velocity/2.0.5/velocity.min.js"></script>
  

  
  
    <script type="text/javascript" src="https://cdn.staticfile.org/fancybox/3.5.7/jquery.fancybox.min.js"></script>
  


  


  <script type="text/javascript" src="/js/src/utils.js?v=6.0.0"></script>

  <script type="text/javascript" src="/js/src/motion.js?v=6.0.0"></script>



  
  


  <script type="text/javascript" src="/js/src/affix.js?v=6.0.0"></script>

  <script type="text/javascript" src="/js/src/schemes/pisces.js?v=6.0.0"></script>



  
  <script type="text/javascript" src="/js/src/scrollspy.js?v=6.0.0"></script>
<script type="text/javascript" src="/js/src/post-details.js?v=6.0.0"></script>



  


  <script type="text/javascript" src="/js/src/bootstrap.js?v=6.0.0"></script>



  


  

    
      <script id="dsq-count-scr" src="https://zhang-hengs-website-blog.disqus.com/count.js" async></script>
    

    
      <script type="text/javascript">
        var disqus_config = function () {
          this.page.url = 'http://blog.gavinzh.com/2018/01/28/how-to-use-denyhosts-for-linux-secure/';
          this.page.identifier = '2018/01/28/how-to-use-denyhosts-for-linux-secure/';
          this.page.title = '使用DenyHosts保护服务器安全';
        };
        var d = document, s = d.createElement('script');
        s.src = 'https://zhang-hengs-website-blog.disqus.com/embed.js';
        s.setAttribute('data-timestamp', '' + +new Date());
        (d.head || d.body).appendChild(s);
      </script>
    

  




	





  














  

  <script type="text/javascript">
    // Popup Window;
    var isfetched = false;
    var isXml = true;
    // Search DB path;
    var search_path = "search.xml";
    if (search_path.length === 0) {
      search_path = "search.xml";
    } else if (/json$/i.test(search_path)) {
      isXml = false;
    }
    var path = "/" + search_path;
    // monitor main search box;

    var onPopupClose = function (e) {
      $('.popup').hide();
      $('#local-search-input').val('');
      $('.search-result-list').remove();
      $('#no-result').remove();
      $(".local-search-pop-overlay").remove();
      $('body').css('overflow', '');
    }

    function proceedsearch() {
      $("body")
        .append('<div class="search-popup-overlay local-search-pop-overlay"></div>')
        .css('overflow', 'hidden');
      $('.search-popup-overlay').click(onPopupClose);
      $('.popup').toggle();
      var $localSearchInput = $('#local-search-input');
      $localSearchInput.attr("autocapitalize", "none");
      $localSearchInput.attr("autocorrect", "off");
      $localSearchInput.focus();
    }

    // search function;
    var searchFunc = function(path, search_id, content_id) {
      'use strict';

      // start loading animation
      $("body")
        .append('<div class="search-popup-overlay local-search-pop-overlay">' +
          '<div id="search-loading-icon">' +
          '<i class="fa fa-spinner fa-pulse fa-5x fa-fw"></i>' +
          '</div>' +
          '</div>')
        .css('overflow', 'hidden');
      $("#search-loading-icon").css('margin', '20% auto 0 auto').css('text-align', 'center');

      $.ajax({
        url: path,
        dataType: isXml ? "xml" : "json",
        async: true,
        success: function(res) {
          // get the contents from search data
          isfetched = true;
          $('.popup').detach().appendTo('.header-inner');
          var datas = isXml ? $("entry", res).map(function() {
            return {
              title: $("title", this).text(),
              content: $("content",this).text(),
              url: $("url" , this).text()
            };
          }).get() : res;
          var input = document.getElementById(search_id);
          var resultContent = document.getElementById(content_id);
          var inputEventFunction = function() {
            var searchText = input.value.trim().toLowerCase();
            var keywords = searchText.split(/[\s\-]+/);
            if (keywords.length > 1) {
              keywords.push(searchText);
            }
            var resultItems = [];
            if (searchText.length > 0) {
              // perform local searching
              datas.forEach(function(data) {
                var isMatch = false;
                var hitCount = 0;
                var searchTextCount = 0;
                var title = data.title.trim();
                var titleInLowerCase = title.toLowerCase();
                var content = data.content.trim().replace(/<[^>]+>/g,"");
                var contentInLowerCase = content.toLowerCase();
                var articleUrl = decodeURIComponent(data.url);
                var indexOfTitle = [];
                var indexOfContent = [];
                // only match articles with not empty titles
                if(title != '') {
                  keywords.forEach(function(keyword) {
                    function getIndexByWord(word, text, caseSensitive) {
                      var wordLen = word.length;
                      if (wordLen === 0) {
                        return [];
                      }
                      var startPosition = 0, position = [], index = [];
                      if (!caseSensitive) {
                        text = text.toLowerCase();
                        word = word.toLowerCase();
                      }
                      while ((position = text.indexOf(word, startPosition)) > -1) {
                        index.push({position: position, word: word});
                        startPosition = position + wordLen;
                      }
                      return index;
                    }

                    indexOfTitle = indexOfTitle.concat(getIndexByWord(keyword, titleInLowerCase, false));
                    indexOfContent = indexOfContent.concat(getIndexByWord(keyword, contentInLowerCase, false));
                  });
                  if (indexOfTitle.length > 0 || indexOfContent.length > 0) {
                    isMatch = true;
                    hitCount = indexOfTitle.length + indexOfContent.length;
                  }
                }

                // show search results

                if (isMatch) {
                  // sort index by position of keyword

                  [indexOfTitle, indexOfContent].forEach(function (index) {
                    index.sort(function (itemLeft, itemRight) {
                      if (itemRight.position !== itemLeft.position) {
                        return itemRight.position - itemLeft.position;
                      } else {
                        return itemLeft.word.length - itemRight.word.length;
                      }
                    });
                  });

                  // merge hits into slices

                  function mergeIntoSlice(text, start, end, index) {
                    var item = index[index.length - 1];
                    var position = item.position;
                    var word = item.word;
                    var hits = [];
                    var searchTextCountInSlice = 0;
                    while (position + word.length <= end && index.length != 0) {
                      if (word === searchText) {
                        searchTextCountInSlice++;
                      }
                      hits.push({position: position, length: word.length});
                      var wordEnd = position + word.length;

                      // move to next position of hit

                      index.pop();
                      while (index.length != 0) {
                        item = index[index.length - 1];
                        position = item.position;
                        word = item.word;
                        if (wordEnd > position) {
                          index.pop();
                        } else {
                          break;
                        }
                      }
                    }
                    searchTextCount += searchTextCountInSlice;
                    return {
                      hits: hits,
                      start: start,
                      end: end,
                      searchTextCount: searchTextCountInSlice
                    };
                  }

                  var slicesOfTitle = [];
                  if (indexOfTitle.length != 0) {
                    slicesOfTitle.push(mergeIntoSlice(title, 0, title.length, indexOfTitle));
                  }

                  var slicesOfContent = [];
                  while (indexOfContent.length != 0) {
                    var item = indexOfContent[indexOfContent.length - 1];
                    var position = item.position;
                    var word = item.word;
                    // cut out 100 characters
                    var start = position - 20;
                    var end = position + 80;
                    if(start < 0){
                      start = 0;
                    }
                    if (end < position + word.length) {
                      end = position + word.length;
                    }
                    if(end > content.length){
                      end = content.length;
                    }
                    slicesOfContent.push(mergeIntoSlice(content, start, end, indexOfContent));
                  }

                  // sort slices in content by search text's count and hits' count

                  slicesOfContent.sort(function (sliceLeft, sliceRight) {
                    if (sliceLeft.searchTextCount !== sliceRight.searchTextCount) {
                      return sliceRight.searchTextCount - sliceLeft.searchTextCount;
                    } else if (sliceLeft.hits.length !== sliceRight.hits.length) {
                      return sliceRight.hits.length - sliceLeft.hits.length;
                    } else {
                      return sliceLeft.start - sliceRight.start;
                    }
                  });

                  // select top N slices in content

                  var upperBound = parseInt('1');
                  if (upperBound >= 0) {
                    slicesOfContent = slicesOfContent.slice(0, upperBound);
                  }

                  // highlight title and content

                  function highlightKeyword(text, slice) {
                    var result = '';
                    var prevEnd = slice.start;
                    slice.hits.forEach(function (hit) {
                      result += text.substring(prevEnd, hit.position);
                      var end = hit.position + hit.length;
                      result += '<b class="search-keyword">' + text.substring(hit.position, end) + '</b>';
                      prevEnd = end;
                    });
                    result += text.substring(prevEnd, slice.end);
                    return result;
                  }

                  var resultItem = '';

                  if (slicesOfTitle.length != 0) {
                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + highlightKeyword(title, slicesOfTitle[0]) + "</a>";
                  } else {
                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + title + "</a>";
                  }

                  slicesOfContent.forEach(function (slice) {
                    resultItem += "<a href='" + articleUrl + "'>" +
                      "<p class=\"search-result\">" + highlightKeyword(content, slice) +
                      "...</p>" + "</a>";
                  });

                  resultItem += "</li>";
                  resultItems.push({
                    item: resultItem,
                    searchTextCount: searchTextCount,
                    hitCount: hitCount,
                    id: resultItems.length
                  });
                }
              })
            };
            if (keywords.length === 1 && keywords[0] === "") {
              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-search fa-5x" /></div>'
            } else if (resultItems.length === 0) {
              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-frown-o fa-5x" /></div>'
            } else {
              resultItems.sort(function (resultLeft, resultRight) {
                if (resultLeft.searchTextCount !== resultRight.searchTextCount) {
                  return resultRight.searchTextCount - resultLeft.searchTextCount;
                } else if (resultLeft.hitCount !== resultRight.hitCount) {
                  return resultRight.hitCount - resultLeft.hitCount;
                } else {
                  return resultRight.id - resultLeft.id;
                }
              });
              var searchResultList = '<ul class=\"search-result-list\">';
              resultItems.forEach(function (result) {
                searchResultList += result.item;
              })
              searchResultList += "</ul>";
              resultContent.innerHTML = searchResultList;
            }
          }

          if ('auto' === 'auto') {
            input.addEventListener('input', inputEventFunction);
          } else {
            $('.search-icon').click(inputEventFunction);
            input.addEventListener('keypress', function (event) {
              if (event.keyCode === 13) {
                inputEventFunction();
              }
            });
          }

          // remove loading animation
          $(".local-search-pop-overlay").remove();
          $('body').css('overflow', '');

          proceedsearch();
        }
      });
    }

    // handle and trigger popup window;
    $('.popup-trigger').click(function(e) {
      e.stopPropagation();
      if (isfetched === false) {
        searchFunc(path, 'local-search-input', 'local-search-result');
      } else {
        proceedsearch();
      };
    });

    $('.popup-btn-close').click(onPopupClose);
    $('.popup').click(function(e){
      e.stopPropagation();
    });
    $(document).on('keyup', function (event) {
      var shouldDismissSearchPopup = event.which === 27 &&
        $('.search-popup').is(':visible');
      if (shouldDismissSearchPopup) {
        onPopupClose();
      }
    });
  </script>





  

  
  <script src="https://cdn1.lncld.net/static/js/av-core-mini-0.6.4.js"></script>
  <script>AV.initialize("EhAMmIXTRGtethTcgYwA9afH-gzGzoHsz", "jzP1TaBhMleAUgPLXyB0h8oQ");</script>
  <script>
    function showTime(Counter) {
      var query = new AV.Query(Counter);
      var entries = [];
      var $visitors = $(".leancloud_visitors");

      $visitors.each(function () {
        entries.push( $(this).attr("id").trim() );
      });

      query.containedIn('url', entries);
      query.find()
        .done(function (results) {
          var COUNT_CONTAINER_REF = '.leancloud-visitors-count';

          if (results.length === 0) {
            $visitors.find(COUNT_CONTAINER_REF).text(0);
            return;
          }

          for (var i = 0; i < results.length; i++) {
            var item = results[i];
            var url = item.get('url');
            var time = item.get('time');
            var element = document.getElementById(url);

            $(element).find(COUNT_CONTAINER_REF).text(time);
          }
          for(var i = 0; i < entries.length; i++) {
            var url = entries[i];
            var element = document.getElementById(url);
            var countSpan = $(element).find(COUNT_CONTAINER_REF);
            if( countSpan.text() == '') {
              countSpan.text(0);
            }
          }
        })
        .fail(function (object, error) {
          console.log("Error: " + error.code + " " + error.message);
        });
    }

    function addCount(Counter) {
      var $visitors = $(".leancloud_visitors");
      var url = $visitors.attr('id').trim();
      var title = $visitors.attr('data-flag-title').trim();
      var query = new AV.Query(Counter);

      query.equalTo("url", url);
      query.find({
        success: function(results) {
          if (results.length > 0) {
            var counter = results[0];
            counter.fetchWhenSave(true);
            counter.increment("time");
            counter.save(null, {
              success: function(counter) {
                var $element = $(document.getElementById(url));
                $element.find('.leancloud-visitors-count').text(counter.get('time'));
              },
              error: function(counter, error) {
                console.log('Failed to save Visitor num, with error message: ' + error.message);
              }
            });
          } else {
            var newcounter = new Counter();
            /* Set ACL */
            var acl = new AV.ACL();
            acl.setPublicReadAccess(true);
            acl.setPublicWriteAccess(true);
            newcounter.setACL(acl);
            /* End Set ACL */
            newcounter.set("title", title);
            newcounter.set("url", url);
            newcounter.set("time", 1);
            newcounter.save(null, {
              success: function(newcounter) {
                var $element = $(document.getElementById(url));
                $element.find('.leancloud-visitors-count').text(newcounter.get('time'));
              },
              error: function(newcounter, error) {
                console.log('Failed to create');
              }
            });
          }
        },
        error: function(error) {
          console.log('Error:' + error.code + " " + error.message);
        }
      });
    }

    $(function() {
      var Counter = AV.Object.extend("Counter");
      if ($('.leancloud_visitors').length == 1) {
        addCount(Counter);
      } else if ($('.post-title-link').length > 1) {
        showTime(Counter);
      }
    });
  </script>



  

  
<script>
(function(){
    var bp = document.createElement('script');
    var curProtocol = window.location.protocol.split(':')[0];
    if (curProtocol === 'https') {
        bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';        
    }
    else {
        bp.src = 'http://push.zhanzhang.baidu.com/push.js';
    }
    var s = document.getElementsByTagName("script")[0];
    s.parentNode.insertBefore(bp, s);
})();
</script>


  
  

  
  


  
  <script type="text/javascript" src="/js/src/js.cookie.js?v=6.0.0"></script>
  <script type="text/javascript" src="/js/src/scroll-cookie.js?v=6.0.0"></script>


  

</body>
</html>
